daffainfo
/
ai-exploits
mirror of https://github.com/daffainfo/ai-exploits.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ai-exploits/gradio
History
Muhammad Daffa ba0171f6c4 feat: change some templates structure to make it readable and fix fastapi-dos template 2024-07-23 14:17:53 +07:00
..
README.md April exploit release 2024-05-07 08:59:01 -07:00
gradio-lfi.yaml feat: change some templates structure to make it readable and fix fastapi-dos template 2024-07-23 14:17:53 +07:00
gradio_lfi.py April exploit release 2024-05-07 08:59:01 -07:00

README.md

Gradio Vulnerabilities and Exploits

Gradio is the fastest way to demo your machine learning model with a friendly web interface so that anyone can use it.

Vulnerabilities

Local File Inclusion

  • Description: Gradio < 4.3.0 is vulnerable to an LFI in the /component_server API endpoint.
  • Impact: This vulnerability allows an attacker to read files off the filesystem remotely.

Reports

Disclaimer

The vulnerabilities and associated exploits provided in this repository are for educational and ethical security testing purposes only.

Contribution

Contributions to improve the exploits or documentation are welcome. Please follow the contributing guidelines outlined in the repository.

License

All exploits and templates in this repository are released under the Apache 2.0 License.